package com.baizhi.config;

import com.baizhi.realm.AuthenRealm;
import com.baizhi.realm.AuthorRealm;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.HashMap;
import java.util.Map;

@Configuration
public class ShiroConfig {
    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(DefaultWebSecurityManager securityManager){
        ShiroFilterFactoryBean factoryBean = new ShiroFilterFactoryBean();
        //配置过滤规则 哪些页面拦截，哪些页面;不拦截
        Map map = new HashMap();
        //anon 代表匿名可访问，不登录就可以访问    authc代表登录后才可以访问 拦截规则，一个一个配置，支持通配符
        map.put("/login.jsp","anon");
        map.put("/login/*","anon");

        map.put("/main.jsp","anon");
        map.put("/guru/*","anon");
        map.put("/menu/*","anon");
        map.put("/jsp/*","anon");
        factoryBean.setFilterChainDefinitionMap(map);
        //需要安全管理器
        factoryBean.setSecurityManager(securityManager);
        return factoryBean;
    }

//    //创建一个安全管理器
//    @Bean
//    public DefaultWebSecurityManager defaultWebSecurityManager(AuthenRealm authenRealm){
//        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
//        //给安全管理器赋值一个Realm  声明使用哪个Realm
//        securityManager.setRealm(authenRealm);
//        return securityManager;
//    }

//    //创建一个Realm
//    @Bean
//    public AuthenRealm authenRealm(){
//        return new AuthenRealm();
//    }
    //创建一个安全管理器
    @Bean
    public DefaultWebSecurityManager securityManager(AuthorRealm authorRealm){
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setRealm(authorRealm);
        return securityManager;
    }

    //创建一个Realm
    @Bean
    public AuthorRealm authorRealmRealm(){
        return new AuthorRealm();
    }

}
